我們都知道Cookie Policy會(huì)影響服務(wù)器能否在客戶端(iOS設(shè)備中)種cookie
iOS系統(tǒng)中通過NSHTTPCookieStorage類的單例來管理Cookie Policy, 并且有以下幾中Cookie Policy:
- NSHTTPCookieAcceptPolicyAlways --- Accept all cookies.
- NSHTTPCookieAcceptPolicyNever --- Reject all cookies.
- NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain --- Accept cookies only from the main document domain.
雖然Apple官方文檔中表示NSHTTPCookieAcceptPolicyAlways(This is the default cookie accept policy.)是默認(rèn)的配置, 但是我們實(shí)際在一個(gè)全新的BunldeID的App中,打印看到的初始配置是NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain, 代碼結(jié)構(gòu)如下:
-(NSString *)plicyNameBy:(NSHTTPCookieAcceptPolicy)plicy{
NSString *ret = nil;
switch (plicy) {
case NSHTTPCookieAcceptPolicyAlways:
return @"NSHTTPCookieAcceptPolicyAlways";
break;
case NSHTTPCookieAcceptPolicyNever:
return @"NSHTTPCookieAcceptPolicyNever";
break;
case NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain:
return @"NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain";
break;
}
return ret;
}
-(void)printPolicy{
NSHTTPCookieAcceptPolicy policy = [NSHTTPCookieStorage sharedHTTPCookieStorage].cookieAcceptPolicy;
NSLog(@"當(dāng)前cookie storage 策略: %@",[self plicyNameBy:policy]);
}
- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
[self printPolicy]; // 打印結(jié)果是 NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain
return YES;
}
1. Cookie Policy的正常情況
在測(cè)試之前, 首先需要將APP從iPhone上刪除以后, 運(yùn)行如下代碼:
- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
[self printPolicy];
[[NSHTTPCookieStorage sharedHTTPCookieStorage] setCookieAcceptPolicy:NSHTTPCookieAcceptPolicyNever];
[self printPolicy];
return YES;
}
輸出結(jié)果如下
2018-11-14 16:12:25.194597+0800 CookiePolicyDemo[72266:4789124] 當(dāng)前cookie storage 策略: NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain
2018-11-14 16:12:25.195228+0800 CookiePolicyDemo[72266:4789124] DiskCookieStorage changing policy from 2 to 1, cookie file: file:///private/var/mobile/Containers/Data/Application/142771D7-0798-45F6-86B3-5EEF3921672C/Library/Cookies/Cookies.binarycookies
2018-11-14 16:12:25.195274+0800 CookiePolicyDemo[72266:4789124] 當(dāng)前cookie storage 策略: NSHTTPCookieAcceptPolicyNever
此時(shí), 不要?jiǎng)h除APP, 將設(shè)置Policy那句語句注釋掉,直接重新編譯Run起APP, 代碼如下:
- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
[self printPolicy];
// [[NSHTTPCookieStorage sharedHTTPCookieStorage] setCookieAcceptPolicy:NSHTTPCookieAcceptPolicyNever];
[self printPolicy];
return YES;
}
結(jié)果如下:
2018-11-14 16:15:53.618973+0800 CookiePolicyDemo[72283:4789890] 當(dāng)前cookie storage 策略: NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain
2018-11-14 16:15:53.619013+0800 CookiePolicyDemo[72283:4789890] 當(dāng)前cookie storage 策略: NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain
我們可以看出, Cookie Policy 恢復(fù)成NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain. 這種情況是我們認(rèn)可的正常情況.
2. Cookie Policy的異常情況!!!
- 將手機(jī)上的APP刪掉!!!!!!!
- 將Cookie Storage策略設(shè)置成
Never, 然后Run:
- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
[self printPolicy];
[[NSHTTPCookieStorage sharedHTTPCookieStorage] setCookieAcceptPolicy:NSHTTPCookieAcceptPolicyNever];
[self printPolicy];
return YES;
}
// 此時(shí)結(jié)果會(huì)正常打印, 和上一節(jié)內(nèi)容一樣
- 當(dāng)APP進(jìn)入手機(jī)界面以后, 快速點(diǎn)擊Home,讓APP進(jìn)入后臺(tái). (或者在手機(jī)上雙擊home, 直接關(guān)閉APP)
- 在Xcode中將
[[NSHTTPCookieStorage sharedHTTPCookieStorage] setCookieAcceptPolicy:NSHTTPCookieAcceptPolicyNever];語句注釋掉:
- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
[self printPolicy];
// [[NSHTTPCookieStorage sharedHTTPCookieStorage] setCookieAcceptPolicy:NSHTTPCookieAcceptPolicyNever];
[self printPolicy];
return YES;
}
- 此時(shí)上一次配置
Never的APP還在設(shè)備上運(yùn)行, 在注釋上面代碼以后, 直接按Xcode的Run. APP會(huì)再次啟動(dòng),打印的Cookie Policy居然是:
2018-11-14 16:30:25.452648+0800 CookiePolicyDemo[72375:4794345] 當(dāng)前cookie storage 策略: NSHTTPCookieAcceptPolicyNever
2018-11-14 16:30:25.452683+0800 CookiePolicyDemo[72375:4794345] 當(dāng)前cookie storage 策略: NSHTTPCookieAcceptPolicyNever
- 此時(shí), 只要我們沒有主動(dòng)將APP沒有刪除, 同時(shí)在新的代碼中沒有主動(dòng)調(diào)用
[NSHTTPCookieStorage +setCookieAcceptPolicy:]方法去設(shè)置Cookie Policy, 那么此APP就永遠(yuǎn)不能被后臺(tái)種植Cookie了!!!!!因?yàn)榇藭r(shí), 我們的Cookie Policy 永遠(yuǎn)是NSHTTPCookieAcceptPolicyNever!!!!!
按常理, 我們?cè)谧⑨尩?code>[[NSHTTPCookieStorage sharedHTTPCookieStorage] setCookieAcceptPolicy:NSHTTPCookieAcceptPolicyNever]以后, 系統(tǒng)的 Cookie Policy 會(huì)修改成默認(rèn)的NSHTTPCookieAcceptPolicyAlways或者NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain, 但是這里的結(jié)果缺與我們直觀感受有所出入!!!
總結(jié)
這個(gè)問題讓我們認(rèn)識(shí)到, iOS系統(tǒng)中的Cookie Storage Policy 可能用的一個(gè)外部文件存儲(chǔ)相關(guān)配置, 只要我們手動(dòng)調(diào)用過[NSHTTPCookieStorage +setCookieAcceptPolicy:]方法, 那么該配置就會(huì)被寫入該外部文件.
也就是說, 只要以下3個(gè)條件同時(shí)滿足, 原app相關(guān)的外部配置依然會(huì)生效!!!:
- 我們調(diào)用過
+setCookieAcceptPolicy, 并且將該APP安裝到的iOS設(shè)備 - 在該APP運(yùn)行情況時(shí), 有異常情況發(fā)生(APP進(jìn)入后臺(tái),APP被手動(dòng)終止)
- 將調(diào)用過
+setCookieAcceptPolicy注釋以后的APP, 重新安裝在該設(shè)備上, 重用原APP的資源.
解決該問題只能, 通過代碼將Cookie Storage設(shè)置成NSHTTPCookieAcceptPolicyAlways或者NSHTTPCookieAcceptPolicyOnlyFromMainDocumentDomain.
在SDK開發(fā)過程中, 要防止殼APP對(duì) Cookie Sotrage 的配置影響SDK內(nèi)部的Cookie相關(guān)內(nèi)容, 還是建議手動(dòng)存儲(chǔ)后臺(tái)在 Response 中的Set-Cookie中的Cookie, 而不要使用系統(tǒng)層的Cookie存儲(chǔ)邏輯.
ps: 以上內(nèi)容中, 我只使用Xcode - Run 來表示重裝APP, 實(shí)際情況中可能, 用戶在進(jìn)入我們APP以后, 進(jìn)入app store更新我們的app,會(huì)導(dǎo)致原打開的app進(jìn)入后臺(tái)!!!!! 滿足上面提到的3個(gè)條件
參考
- 關(guān)于ios的Cookie那些事
- iOS htttp網(wǎng)絡(luò)請(qǐng)求cookie的讀取與寫入(NSHTTPCookieStorage)
- NSMutableURLRequest 設(shè)置cookie 及 NSHTTPCookieStorage機(jī)制
- iOS開發(fā)WKWebView Cookie的讀取與寫入,與UIWebView的Cookie共享
- What is the default cookieAcceptPolicy
- Apple Doc
- Understanding iOS Cookie Accept Policy
- React Native持久化sessions #9
- Does NSURLConnection automatically persist cookies sent from server?
